KVM: x86/mmu: introduce cpu_role bit for availability of PFEC.I/D

While GMET looks a lot like SMEP, it has several annoying differences.
The main one is that the availability of the I/D bit in the page fault
error code still depends on the host CR4.SMEP and EFER.NXE bits.  If the
base.cr4_smep bit of the cpu_role is (ab)used to enable GMET, there needs
to be another place where the host CR4.SMEP is read from; just merge it
with EFER.NXE into a new cpu_role bit that tells paging_tmpl.h whether
to set the I/D bit at all.

Tested-by: David Riley <d.riley@proxmox.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 23a7ac8d7fbedba7c87aa9b9448c43aa821a13de..7dde4ca87752224517b3a92caf613dfdd6e7d463 100644 (file)
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -414,6 +414,13 @@ union kvm_mmu_extended_role {
                unsigned int cr4_smap:1;
                unsigned int cr4_la57:1;
                unsigned int efer_lma:1;
+
+               /*
+                * True if either CR4.SMEP or EFER.NXE are set.  For AMD NPT
+                * this is the "real" host CR4.SMEP whereas cr4_smep is
+                * actually GMET.
+                */
+               unsigned int has_pferr_fetch:1;
        };
 };
 

diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index f2b162abd7e57bd851de7b19d1aec439933b7d6e..1860e4f3fb008391c1c650e3ff4bbdc4547b5861 100644 (file)
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -234,6 +234,11 @@ BUILD_MMU_ROLE_ACCESSOR(ext,  cr4, la57);
 BUILD_MMU_ROLE_ACCESSOR(base, efer, nx);
 BUILD_MMU_ROLE_ACCESSOR(ext,  efer, lma);
 
+static inline bool has_pferr_fetch(struct kvm_mmu *mmu)
+{
+       return mmu->cpu_role.ext.has_pferr_fetch;
+}
+
 static inline bool is_cr0_pg(struct kvm_mmu *mmu)
 {
         return mmu->cpu_role.base.level > 0;
@@ -5793,6 +5798,8 @@ static union kvm_cpu_role kvm_calc_cpu_role(struct kvm_vcpu *vcpu,
        role.ext.cr4_pke = ____is_efer_lma(regs) && ____is_cr4_pke(regs);
        role.ext.cr4_la57 = ____is_efer_lma(regs) && ____is_cr4_la57(regs);
        role.ext.efer_lma = ____is_efer_lma(regs);
+
+       role.ext.has_pferr_fetch = role.base.efer_nx | role.base.cr4_smep;
        return role;
 }
 
@@ -5946,6 +5953,7 @@ void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0,
 
        /* NPT requires CR0.PG=1. */
        WARN_ON_ONCE(cpu_role.base.direct || !cpu_role.base.guest_mode);
+       cpu_role.base.cr4_smep = false;
 
        root_role = cpu_role.base;
        root_role.level = kvm_mmu_get_tdp_level(vcpu);

diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h
index 047400af924d2e8f1263dfc77df0681afce500ea..07100bbfc270178dcc48aa0db7a63b4f563c550e 100644 (file)
--- a/arch/x86/kvm/mmu/paging_tmpl.h
+++ b/arch/x86/kvm/mmu/paging_tmpl.h
@@ -489,7 +489,7 @@ retry_walk:
 
 error:
        errcode |= write_fault | user_fault;
-       if (fetch_fault && (is_efer_nx(mmu) || is_cr4_smep(mmu)))
+       if (fetch_fault && has_pferr_fetch(mmu))
                errcode |= PFERR_FETCH_MASK;
 
        walker->fault.vector = PF_VECTOR;